add a default docker-compose.yml file with the default volume mounts,…

… adjust volume dir structure

Dockerfile

@@ -25,9 +25,9 @@ RUN apt-get update && \
     maldet -u -d
 
 # export volumes (uncomment if you do not mount these volumes at runtime or via docker-compose)
-# VOLUME /data/queue
-# VOLUME /data/ok
-# VOLUME /data/nok
+# VOLUME /data/av/queue
+# VOLUME /data/av/ok
+# VOLUME /data/av/nok
 
 # CMD will be substituted by docker run args, e.g. docker run -ti --name antivirus antivirus my@email.com
 ENTRYPOINT ["/usr/local/entrypoint.sh"]

README.md

@@ -9,6 +9,12 @@
  - you can contribute to this project at /~https://github.com/rordi/docker-antivirus
 
 
+### Quick start
+
+If you simply want to try out the setup, copy the docker-compose.yml file from the [repository](/~https://github.com/rordi/docker-antivirus) to your local file system and run:
+
+    docker-compose up -d
+
 
 ### Introduction
 
@@ -27,13 +33,13 @@ Optionally, an email alert can be sent to a specified email address whenever a v
 
 Please provide the following volume mounts at runtime (e.g. in your docker-compose file). The antivirus container expects the following paths to be present when running:
 
-        /data/queue         --> files to be checked
-        /data/ok            --> checked files (ok)
-        /data/nok           --> scan reports for infected files
+        /data/av/queue         --> files to be checked
+        /data/av/ok            --> checked files (ok)
+        /data/av/nok           --> scan reports for infected files
 
 Additionally, you may mount the quarantine folder and provide it to the antivirus container at the following path (this might be useful if you want to process the quarantined files from another container):
 
-        /data/quarantine    --> quarantined files
+        /data/av/quarantine    --> quarantined files
 
 
 
@@ -49,10 +55,9 @@ To run the docker container, use the following command. If you pass an email add
     docker run -tid --name docker-antivirus rordi/docker-antivirus [email@example.net]
 
 
-
 ### Docker Build & Run
 
-To build your own image, clone the repo and cd into the clonde repository root folder. Then, build as follows:
+To build your own image, clone the repo and cd into the cloned repository root folder. Then, build as follows:
 
     docker build -t docker-antivirus .
 
@@ -61,10 +66,14 @@ To start the built image, run the following command. Optionally pass an email ad
     docker run -tid --name docker-antivirus docker-antivirus:latest [email@example.net]
 
 
+### Testing
+
+You can use the [EICAR test file](https://en.wikipedia.org/wiki/EICAR_test_file) to test the AV setup.
+
 
 ### Mounting volumes with docker-compose
 
-Here is an exmple entry that you can use in your docker-compose file to easily plug in the container into your existing network. Replace "networkid" with your actual netwerk id. Optionally turn on email alerts by uncommenting the "command". Finally, make sure the ./data/... folders exist on your local/host system or change the paths.
+Here is an exmple entry that you can use in your docker-compose file to easily plug in the container into your existing network. Replace "networkid" with your actual netwerk id. Optionally turn on email alerts by uncommenting the "command". Finally, make sure the ./data/av/... folders exist on your local/host system or change the paths.
 
 
     docker-av:
@@ -74,8 +83,8 @@ Here is an exmple entry that you can use in your docker-compose file to easily p
       #command:
       # - /usr/local/install_alerts.sh email@example.net
       volumes:
-        - ./data/queue:/data/queue
-        - ./data/ok:/data/ok
-        - ./data/nok:/data/nok
+        - ./data/queue:/data/av/queue
+        - ./data/ok:/data/av/ok
+        - ./data/nok:/data/av/nok
       networks:
         - yournetworkid

assets/conf.maldet

@@ -115,7 +115,7 @@ scan_clamscan="1"
 
 # Include the scanning of known temporary world-writable paths for
 # -a|--al and -r|--recent scan types.
-scan_tmpdir_paths="/data/scan"
+scan_tmpdir_paths="/data/av/scan"
 
 # Allows non-root users to perform scans. This must be enabled when
 # using mod_security2 upload scanning or if you want to allow users

assets/entrypoint.sh

@@ -1,34 +1,34 @@
 #!/bin/bash
-echo -n "Updating antivirus configuration ..."
+printf "Updating antivirus configuration ...\n"
 sed -i -e "s/{ALERT}/0/g" /usr/local/maldetect/conf.maldet
 sed -i -e "s/{EMAIL}//g" /usr/local/maldetect/conf.maldet
 if [[ $# -eq 1 && $1 = *[!\ ]* ]] ; then
     email=$1
     /usr/local/install_alerts.sh $email
 fi
-echo -n "Done"
+printf "Done\n"
 
-PATHS=(/data/scan /data/quarantine /data/queue /data/ok /data/nok)
+PATHS=(/data/av/scan /data/av/quarantine /data/av/queue /data/av/ok /data/av/nok)
 for i in ${PATHS[@]}; do
     mkdir -p ${i}
 done
 
-echo -n "Fetching latest ClamAV virus definitions"
+printf "Fetching latest ClamAV virus definitions\n"
 freshclam
 
-echo -n "Fetching latest Maldet malware signatures"
+printf "Fetching latest Maldet malware signatures\n"
 maldet -u -d
 
 # inotify watches the queue and launches the AV scanner when new files are written, keeps the docker container running as well!
 #
-#  -m /data/queue                monitor /data/queue forever
+#  -m /data/av/queue                monitor /data/av/queue forever
 #  -r                            watched directory recursively
 #  -q                            quiet (only print events)
 #  -t 0                          never timeout
 #  -e moved_to,close_write       only fire if a file is moved to or written into the watched directory
 #
-echo -n "Waiting for changes to /data/queue ..."
-inotifywait -m -r -q -t 0 -e moved_to,close_write /data/queue |
+printf "Waiting for changes to /data/av/queue ...\n"
+inotifywait -m -r -q -t 0 -e moved_to,close_write /data/av/queue |
 while read -r path action file; do
      scanner
 done

assets/install_alerts.sh

@@ -3,5 +3,5 @@ if [[ $# -eq 1 && $1 = *[!\ ]* ]] ; then
     email=$1
     sed -i -e "s/email_alert=\"0\"/email_alert=\"1\"/g" /usr/local/maldetect/conf.maldet
     sed -i -e "s/email_addr=\"\"/email_addr=\"${email}\"/g" /usr/local/maldetect/conf.maldet
-    echo -n "Enbaled email alerts for ${email}"
+    printf "Enbaled email alerts for ${email}\n"
 fi

assets/install_antivirus.sh

@@ -1,11 +1,11 @@
 #!/bin/sh
 
 # setup directories that are to be exposed as volumes
-mkdir -p /data/queue
-mkdir -p /data/scan
-mkdir -p /data/ok
-mkdir -p /data/nok
-mkdir -p /data/quarantine
+mkdir -p /data/av/queue
+mkdir -p /data/av/scan
+mkdir -p /data/av/ok
+mkdir -p /data/av/nok
+mkdir -p /data/av/quarantine
 
 # setup cron to update virus signatures hourly
 cd /usr/local

assets/scanfile.sh

@@ -1,24 +1,24 @@
 #!/bin/bash
 now=`date +'%Y-%m-%d %T'`
-echo -n "[${now}]"
+printf "[${now}]\n"
 
 # scan with ClamAV first (faster)
-clamscan -rio --enable-stats --move /data/quarantine /data/scan
+clamscan -rio --enable-stats --move /data/av/quarantine /data/av/scan
 
-# scan with maldet second, if file still in /data/scan
-files=$(shopt -s nullglob dotglob; echo /data/scan/*)
+# scan with maldet second, if file still in /data/av/scan
+files=$(shopt -s nullglob dotglob; echo /data/av/scan/*)
 if (( ${#files} ))
 then
-    maldet -a /data/scan/
+    maldet -a /data/av/scan/
 fi
 
-# maldet quarantines into /usr/local/maldetect/quarantine, move to /data/quarantine
+# maldet quarantines into /usr/local/maldetect/quarantine, move to /data/av/quarantine
 files=$(shopt -s nullglob dotglob; echo /usr/local/maldetect/quarantine/*)
 if (( ${#files} ))
 then
     for file in "/usr/local/maldetect/quarantine"/* ; do
         filename=`basename $file`
-        echo -n "  --> Moving maldet quarantined file to /data/quarantine/${filename}"
-        mv -f $file "/data/quarantine/${filename}"
+        printf "  --> Moving maldet quarantined file to /data/av/quarantine/${filename}\n"
+        mv -f $file "/data/av/quarantine/${filename}"
     done
 fi

assets/scanner.sh

@@ -1,25 +1,25 @@
 #!/bin/bash
-files=$(shopt -s nullglob dotglob; echo /data/queue/*)
+files=$(shopt -s nullglob dotglob; echo /data/av/queue/*)
 if (( ${#files} ))
 then
-    echo -n "Found files to process\n"
-    for file in "/data/queue"/* ; do
+    printf "Found files to process\n"
+    for file in "/data/av/queue"/* ; do
         filename=`basename $file`
-        mv -f $file "/data/scan/${filename}"
-        echo -n "Processing /data/scan/${filename}"
-        scanfile > /data/scan/info 2>&1
-        if [ -e "/data/scan/${filename}" ]
+        mv -f $file "/data/av/scan/${filename}"
+        printf "Processing /data/av/scan/${filename}\n"
+        scanfile > /data/av/scan/info 2>&1
+        if [ -e "/data/av/scan/${filename}" ]
         then
-            echo -n "  --> File ok"
-            mv -f "/data/scan/${filename}" "/data/ok/${filename}"
-            echo -n "  --> File moved to /data/ok/${filename}"
+            printf "  --> File ok\n"
+            mv -f "/data/av/scan/${filename}" "/data/av/ok/${filename}"
+            printf "  --> File moved to /data/av/ok/${filename}\n"
             rm /data/scan/info
-        elif [ -e "/data/quarantine/${filename}" ]
+        elif [ -e "/data/av/quarantine/${filename}" ]
         then
-            echo -n "  --> File quarantined / nok"
-            mv -f "/data/scan/info" "/data/nok/${filename}"
-            echo -n "  --> Scan report moved to /data/nok/${filename}"
+            printf "  --> File quarantined / nok\n"
+            mv -f "/data/av/scan/info" "/data/av/nok/${filename}"
+            printf "  --> Scan report moved to /data/av/nok/${filename}\n"
         fi
     done
-    echo -n "Done with processing"
+    printf "Done with processing\n"
 fi

docker-compose.yml

@@ -0,0 +1,19 @@
+version: '2'
+
+services:
+
+  docker-av:
+    image: rordi/docker-antivirus
+    container_name: docker-av
+    # uncomment and set the email address to receive email alerts when viruses are detected
+    #command:
+    # - /usr/local/install_alerts.sh email@example.net
+    volumes:
+      - ./data/queue:/data/av/queue
+      - ./data/ok:/data/av/ok
+      - ./data/nok:/data/av/nok
+    networks:
+      - avnetwork
+
+networks:
+  avnetwork: